Website San Francisco International Airport
Under the direction of the Acting Chief Information Security Officer (CISO), the 9976 Principal Cyber Security Engineer will play a critical role in developing, implementing, and maintaining effective cybersecurity strategies and infrastructures to protect the Airport’s critical systems, networks, and sensitive data. The position’s primary focus will be to further strengthen SFO information security posture in response to emerging cyber threats that are becoming more sophisticated and persistent. It is imperative that every effort is made to protect the integrity, availability, and confidentiality of information communications technology (ICT), industrial control systems (ICS), and electronic data resources against cyber threats.
- Liaise with other Airport sections and City departments for matters related to information security and cyber-security; Maintain cooperative relationships with vendors, contractors and other agencies within the City.
- Assesses and provides recommended cloud security controls to facilitate security of SFO cloud presence, including adequate accounting of data access controls.
- Develops, maintains, and oversees an agile software develop life cycle process for SFO development teams, as well as undertake measures to ensure remediation actions effectively mitigate risk.
- Responsible for planning, direction and oversight on multiple cyber security projects and initiatives.
- Primary subject matter expert for information security and cyber-security for SFO: maintains skills and expertise within areas of cybersecurity and information security for ICT and ICS environments.
- Recommends and implements new or revised security measures based on risk analysis for purposes of protecting SFO information systems and resources, performing periodic analysis of security measure effectiveness, and documenting all deviations from intended mitigation.
- Engages in requirements definitions on SFO IT initiatives and projects, including analysis of risks aligned with SFO IT and architecture standards.
- Identifies and manages cyber-security threats and incidents as directed by the Chief Information Officer and Chief Information Security Officer (CISO).
- Facilitates a consistent and positive security posture across multiple, independent information systems throughout SFO.
- Maintains and continually improves SFO’s vulnerability management program, to include patch management, vulnerability scanning, and reporting monthly status on the program’s effectiveness.
Qualification & Experience:
- Working knowledge of multiple cyber-related audit frameworks.
- Recent and verifiable experience developing and implementing an enterprise cybersecurity program.
- Possession of a Bachelor’s degree in information technology, telecommunications, management information systems, computer science, computer engineering, or a closely related field, or discipline.
- Industry certifications are highly desirable in one or more disciplines related to audit, project management and/or information security, e.g. CISSP, PCI ISA, CRISC, PMP.
- Recent and verifiable experience with information security cloud architecture (particularly AWS)
- Ability to direct auditing and/or quality assurance efforts designed to ensure ongoing compliance against agreed upon standards and practices.
- Recent and verifiable experience reviewing firewall logs and refining firewall security policies.
Company: San Francisco International Airport
Vacancy Type: Full Time
Job Functions: Information Technology
Job Location: San Francisco, CA, US
Application Deadline: N/A